//package com.springcloud.security;
//
//import com.springcloud.model.SysResource;
//import com.springcloud.model.SysRoleResource;
//import com.springcloud.service.ISysResourceService;
//import com.springcloud.service.ISysRoleResourceService;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.security.access.ConfigAttribute;
//import org.springframework.security.access.SecurityConfig;
//import org.springframework.security.web.FilterInvocation;
//import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
//import org.springframework.stereotype.Service;
//import javax.servlet.http.HttpServletRequest;
//import java.util.*;
//
///**
// * 自定义的权限数据
// */
//@Service
//public class MyInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource  {
//
//    @Autowired
//    ISysRoleResourceService roleResourceService;
//    @Autowired
//    ISysResourceService resourceService;
//
//    //此方法是为了判定用户请求的url 是否在权限表中，如果在权限表中，则返回给拥有url权限的角色ID给 decide 方法，用来判定用户是否有此权限。如果不在权限表中则放行。
//    @Override
//    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
//
//        //object 中包含用户请求的request 信息
//        HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
//        String uri = request.getRequestURI();
//        Map<String, Object> condition = new HashMap<String, Object>();
//        condition.put("url",uri);
//        List<SysResource> resourceList = resourceService.selectByMap(condition);//查出资源ID
//        if(resourceList != null && resourceList.size() > 0 ) {
//            Map<String, Object> condition1 = new HashMap<String, Object>();
//            condition1.put("resource_id",resourceList.get(0).getId());
//            List<SysRoleResource> roleResourceList = roleResourceService.selectByMap(condition1);
//            Collection<ConfigAttribute> array = new ArrayList<>();
//            ConfigAttribute configAttribute;
//            for (SysRoleResource roleResource : roleResourceList) {
//                configAttribute = new SecurityConfig(roleResource.getRoleId().toString());
//                array.add(configAttribute);
//            }
//            return array;
//        }
//        return null;
//    }
//
//    @Override
//    public Collection<ConfigAttribute> getAllConfigAttributes() {
//        return null;
//    }
//
//    @Override
//    public boolean supports(Class<?> aClass) {
//        return true;
//    }
//}
